refining/secrets
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 61 Wiki Activity

feat(secrets-mcp): 审计页、audit_log user_id、OAuth 登录与仪表盘 footer
All checks were successful
Secrets MCP — Build & Release / 版本 & Release (push) Successful in 3s
Details
Secrets MCP — Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 7m20s
Details
Secrets MCP — Build & Release / Build Linux (musl) (push) Successful in 8m23s
Details
Secrets MCP — Build & Release / 发布草稿 Release (push) Successful in 1s
Details
Secrets MCP — Build & Release / 部署 secrets-mcp (push) Successful in 6s
Details

Browse Source 
- audit_log 增加 user_id;业务写审计透传 user_id
- Web /audit 与侧边栏;Dashboard 版本 footer 贴底(margin-top: auto)
- 停止 API Key 鉴权成功写入登录审计
- 文档、CI、release-check 配套更新

Made-with: Cursor
This commit is contained in:
voson
2026-03-21 11:12:11 +08:00
parent ee028d45c3
commit f2344b7543
19 changed files with 361 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
crates/secrets-core/src/service/add.rs
View File

@@ -346,6 +346,7 @@ pub async fn run(pool: &PgPool, params: AddParams<'_>, master_key: &[u8; 32]) ->
crate::audit::log_tx(
&mut tx,
params.user_id,
"add",
params.namespace,
params.kind,

23
crates/secrets-core/src/service/audit_log.rs Normal file
View File

@@ -0,0 +1,23 @@
use anyhow::Result;
use sqlx::PgPool;
use uuid::Uuid;
use crate::models::AuditLogEntry;
pub async fn list_for_user(pool: &PgPool, user_id: Uuid, limit: i64) -> Result<Vec<AuditLogEntry>> {
let limit = limit.clamp(1, 200);
let rows = sqlx::query_as(
"SELECT id, user_id, action, namespace, kind, name, detail, actor, created_at \
FROM audit_log \
WHERE user_id = $1 OR (user_id IS NULL AND detail->>'user_id' = $1::text) \
ORDER BY created_at DESC, id DESC \
LIMIT $2",
)
.bind(user_id)
.bind(limit)
.fetch_all(pool)
.await?;
Ok(rows)
}

3
crates/secrets-core/src/service/delete.rs
View File

@@ -137,7 +137,7 @@ async fn delete_one(
};
snapshot_and_delete(&mut tx, namespace, kind, name, &row, user_id).await?;
crate::audit::log_tx(&mut tx, "delete", namespace, kind, name, json!({})).await;
crate::audit::log_tx(&mut tx, user_id, "delete", namespace, kind, name, json!({})).await;
tx.commit().await?;
Ok(DeleteResult {
@@ -240,6 +240,7 @@ async fn delete_bulk(
.await?;
crate::audit::log_tx(
&mut tx,
user_id,
"delete",
namespace,
&row.kind,

1
crates/secrets-core/src/service/mod.rs
View File

@@ -1,5 +1,6 @@
pub mod add;
pub mod api_key;
pub mod audit_log;
pub mod delete;
pub mod env_map;
pub mod export;

1
crates/secrets-core/src/service/rollback.rs
View File

@@ -274,6 +274,7 @@ pub async fn run(
crate::audit::log_tx(
&mut tx,
user_id,
"rollback",
namespace,
kind,

1
crates/secrets-core/src/service/update.rs
View File

@@ -241,6 +241,7 @@ pub async fn run(
crate::audit::log_tx(
&mut tx,
params.user_id,
"update",
params.namespace,
params.kind,